April 7, 1997
NET USERS URGE STANDARDS GROUP TO PROTECT PRIVACY Organizations Respond to Attack on Privacy Standard by Some Online Marketing Groups Debate Focuses on Use of "Cookies"
WASHINGTON - Many of the nation's leading consumer, civil liberties, and children's advocacy organizations have urged an Internet standards organization to fix a problem with web browser software that allows companies and government agencies operating web sites to track the activities of Internet users.
The proposed safeguard has come under attack by several companies engaged in interactive advertising and marketing. According to a March 31, 1997 article in Ad Age, these groups are now drafting a "counter-proposal" to head-off the IETF recommendation.
James Love, director of the Ralph Nader's Consumer Project on Technology said "There should never be a case where private firms and government agencies are writing and reading information on a consumer's hard disk, without explicit authorization. These transactions must be more transparent, and the users must have the practical ability to say no."
Jeff Chester, director of the Center for Media Education, said "We have to keep on-line marketers out of the 'cookie jar.' Such `Orwellian' practices to stealthily track every move made on-line, and share that information with other companies, should be prohibited.
More information about cookies is available at the EPIC Cookies Page.
Organizations endorsing the letter include the Center for Media Education, Computer Professionals for Social Responsibility, Consumer Federation of American Consumer Project on Technology, Electronic Frontier Foundation, Electronic Privacy Information Center, National Association of Elementary School Principals, NetAction and Privacy International.
To: Internet Engineering Task Force
Date: April 7, 1997
Re: RFC 2109
We write to express support for RFC 2109, the proposal for an HTTP State Management Mechanism, to address privacy concerns associated with "cookies." The proposal will allow users to exercise greater control over the creation and collection of personal information resulting from transactions between web clients and web servers.
The proposal was published by the IETF on February 18 and is already in use on the Web. Netscape has indicated that Navigator 4.0 will incorporate part of the specification.
We believe that "transparency" -- the ability of users to see and exercise control over the disclosure of personally identifiable information -- is a critical guideline for the development of sensible privacy practices on the Internet. The alternative would be the surreptitious collection of data without the ability to exercise any control.
We support adoption of RFC 2109. We believe it is important step forward in the protection of privacy on the Internet
Center for Media Education
Computer Professionals for Social Responsibility
Consumer Federation of American Consumer Project on Technology
Electronic Frontier Foundation
Electronic Privacy Information Center
National Association of Elementary School Principals
United States Privacy Council
and more than 100 Internet users
Mr. Bill Gates, President, Microsoft
Mr. Jim Barksdale, President, Netscape
Mr. Nathan Mhyrvold, Chief Technical Officer, Microsoft
Mr. Marc Andreesen, Chief Technical Officer, Netscape
Mr. Ira Magaziner, the White House
Commissioner Christine Varney, Federal Trade Commission